]> granicus.if.org Git - pdns/commitdiff
projects / pdns / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 15f841f)
Log error when remote cannot do AXFR
authorAki Tuomi <cmouse@desteem.org>
Sun, 29 Mar 2015 21:37:27 +0000 (00:37 +0300)
committerAki Tuomi <cmouse@desteem.org>
Sun, 29 Mar 2015 21:37:27 +0000 (00:37 +0300)
pdns/tcpreceiver.cc patch | blob | history

diff --git a/pdns/tcpreceiver.cc b/pdns/tcpreceiver.cc
index 95dbcd7b841f553f2187941c6d6c2954a577eb90..547fb8c4e3b2d7a74c6d5c94fa1788c20809dbc1 100644 (file)
--- a/pdns/tcpreceiver.cc
+++ b/pdns/tcpreceiver.cc
@@ -537,8 +537,15 @@ int TCPNameserver::doAXFR(const string &target, shared_ptr<DNSPacket> q, int out
       s_P=new PacketHandler;
     }
 
+    if (!canDoAXFR(q)) {
+      L<<Logger::Error<<"AXFR of domain '"<<target<<"' failed: "<<q->getRemote()<<" cannot request AXFR"<<endl;
+      outpacket->setRcode(9); // 'NOTAUTH'
+      sendPacket(outpacket,outsock);
+      return 0;
+    }
+
     // canDoAXFR does all the ACL checks, and has the if(disable-axfr) shortcut, call it first.
-    if(!canDoAXFR(q) || !s_P->getBackend()->getSOAUncached(target, sd)) {
+    if(!s_P->getBackend()->getSOAUncached(target, sd)) {
       L<<Logger::Error<<"AXFR of domain '"<<target<<"' failed: not authoritative"<<endl;
       outpacket->setRcode(9); // 'NOTAUTH'
       sendPacket(outpacket,outsock);
Unnamed repository; edit this file 'description' to name the repository.